Module 7: Networking Fundamentals: Understanding TCP/IP and Networking Flashcards
What is a host?
A computer that can be either the client or the server using client/server applications.
What is a node?
Any computer, printer, smart thermostat, or other networked device that can be addressed on the network.
Are all nodes considered hosts?
Every host is a node, but not every node is a host. Examples of nodes that are not hosts are network equipement; routers, hubs, switches
How are client or server applications running on a computer identified?
By a port address, also called a port or port number
_____ identifies a node and its network connection
IP address
What are the 2 types of IP addresses (w/ details)?
32bit which is IPv4, written as 4 decimal numbers
28bit which is IPv6, written as 8 hexadecimal numbers
What is used to identify a network adapter (NIC)?
MAC addresses, a 48 bit identification number
What is this an example of, 00-0C-6E-4E-AB-A5?
MAC address written in hexadecimal or hex
What is a host name?
A human-readable label assigned to a device connected to a network and can be used in place of its IP address?
Where can you change the host name/computer name?
In the about window and clicking Rename this PC
What is the purpose of a domain name? Give examples
- Identifies a network
- For example, the names that appear before the period in microsoft.com, cengage.com, and mycompany.com
Describe the meaning of the letters after a domain name
- The letters after the period are called the toplevel domain and tell you something about the domain.
.com (commercial)
.org (nonprofit)
.gov (government)
.edu (education)
.info (general use)
____ identifies a computer and the nework to which it belongs.
Fully Qualified Domain Name (FQDN)
Using Cengage, what is the FQDN? Explain in detail
www.cengage.com
host name - www
domain name - cengage
top level domain name - com
A fully qualified domain name (FQDN) must be associated with an ____ before the computer can be found on the internet.
IP Address
What is Transmission Control Protocol/Internet Protocol (TCP/IP)?
a suite of protocols or rules that define network communication
In order from top to bottom, what are the four layers of the TCP/IP model?
Application Layer
Transport Layer
Internet (Network) Layer
Link (Network Access) Layer
Explain a message from browser to web server using the TCP/IP model
1) Application Layer: Browser client sends request to web server. The request is sent through the OS which formats the message using the HTTP protocol and passed to the Transport Layer.
2) Transport Layer: The HTTP request gets encapsulated into a TCP segment which includes source/destination port numbers, 80. TCP provides reliable, connection-oriented communication between the client and server. This includes features like flow control, error detection, and retransmission of lost packets.The TCP segment is then passed down to the internet layer.
3) Internet Layer: The TCP segment is encapulated futher into an IP packet to ensure the message reaches the desintation host on the local network. The IP packet contains source and desintation IP and TTL value. Then it gets passed to the Link Layer.
4) Link Layer: The physical network that receives the IP packet and gets encapsulated into a data frame w/ error checking information. The data frame includes the NIC MAC address of the source and destination address. The switch or router forwards the message to the network.
- On the Network: The IP at the Internet Layer is used to find the correct destination network (router/firewall). If an Intranet exists within destination network, the IP address is used again to find the correct network within the Intranet. Then the MAC address at the Link Layer finds the correct computer or host on the LAN.
What is a protocol data unit (PDU)? Give examples
A term used in networking to describe the unit of information transmitted across a network at various layers of the OSI model or the TCP/IP suite
- Application Layer: The PDU at this layer is called a “message.”
- Transport Layer: The PDU at this layer is called a “segment” (for TCP) or “datagram” (for UDP).
- Internet Layer: The PDU at this layer is called a “packet.”
- Link Layer: The PDU at this layer is called a “frame.”
Name the layers of the OSI model and its PDU’s
- Application Layer: The PDU at this layer is called a “message.”
- Presentation Layer: The PDU at this layer is called a “datagram.”
- Session Layer: The PDU at this layer is called a “datagram.”
- Transport Layer: The PDU at this layer is called a “segment” (for TCP) or “datagram” (for UDP).
- Network Layer: The PDU at this layer is called a “packet” or “datagram.”
- Data Link Layer: The PDU at this layer is called a “frame.”
- Physical Layer: The PDU at this layer is referred to as a “bit.”
What is a Router? What layer of the OSI and TCP models does it operate on?
A device that manages traffic between two or more networks and can help find the best path for traffic to get from one network to another.
-OSI: Network Layer
-TCP/IP: Internet Layer
HTTPS (HTTP secure) refers to the HTTP protocol working with a security protocol such as ____ or ____ to create a secured socket (or channel). Which port is being used?
- Secure Sockets Layer (SSL) or Transport Layer Security (TLS). TLS is better security
- Uses Port 443 and TCP
A web server “listens” to which port for HTTP (Hypertext transfer protocol)?
- Port 80
- Uses TCP
Mail servers use which port numbers? and Protocol?
- Simple Mail Trasnport Protocol (SMTP): 25
- POP3: 110
- IMAP4: 143
- All use TCP
Which mailing protocol is used to send email? Which protocol downloads the email to the client computer and deletes it from the server?
SMTP sends email, POP and IMAP receives email
POP downloads to client and deletes from server
_____ stores files and makes them available to other computers.
File Server or File Share Server
What protocols are used or have been used to share files and printers on a network?
Server Message Block (SMB) and Common Internet File System (CIFS). CIFS is older tech.
What is NetBIOS and NetBT?
- NetBIOS (Network Basic Input/Output System) is an early networking protocol that facilitates communication between devices on a local network.
- It uses a flat namespace for identifying devices and services
- NetBT (NetBIOS over TCP/IP) is a version of NETBIOS that operates over TCP/IP networks, communication to occur within the context of the TCP/IP protocol suite
- NetBIOS is used on legacy systems. DNS is used today
What ports are used for NetBIOS and NetBT?
Ports 137 and 138 for UDP
Ports 138 and 139 for TCP
What port numbers do SMB and CIFS use? and Protocol?
- Uses Port 445
- Both TCP and UDP
A _____ manages network printers and makes them available to computers throughout the network.
Print Server
What is the difference between a static and dynamic IP address?
A static IP address is manually assigned, typically by the sys admin.
A dynamic IP address is auto assigned by a DHCP Server.
A device that requests an IP address and other information from a DHCP server is called _____.
DHCP Client
What ports are used by the DHCP (Dynamic Host Configuration Protocol)?
- DHCP server listens at port 67
- DHCP client receives messages on port 68
- Uses UDP
What is the process called of convertering FQDNs into IP addresses?
Name Resolution
What is the most common method of name resolution? What port number is used in the process?
- DNS (Domain Name System), converting domain names, or FQDNs, into IP addresses.
- DNS server listens at port 53
- Both TCP and UDP
Explain the benefits of a Proxy Server (sometimes called an Internet Appliance)
Acts a middleman between a client device and the internet for:
- Content Filtering and Access Control: Proxy servers can enforce access policies to filter web content
- Caching: Proxy servers can cache web content to reduce bandwidth usage and improve network performance.
- Security: Proxy servers can act as a firewall between the client device and the internet, preventing malicious content.
- Email Filtering and Access to the Internet
What is an Authentication, Authorization, Accounter Server (AAA, or triple A server)? What is an example in Windows?
It is used to secure and control access to the network and its resources.
Windows Active Directory
Explain what AAA servers do
- Authenticate users or computers to the network so they can access network resources and stores user or device credentials, such as user names and passwords.
- Authorize what a user or computer can do after they have access, including the resources they can access and what they can do with these resources.
- Account for what a user or computer did with the resources and the time they took. These logs can be useful when users and computers are billed for services they used
How is LDAP (Lightweight Access Directory Protocol) used in a AAA server?
- LDAP is a viable option for exchanging data and requests between the AAA server and other systems or clients within a network environment.
- LDAP is commonly used in AAA systems to manage user authentication, authorization, and directory services.
LDAP uses which port numbers?
LDAP uses port 389 (both TCP and UDP)
LDAPS (secure version) listens at port 636
_______ is a protocol that gathers event information about various network devices, such as errors, failures, maintenance tasks, and users logging in or out.
Syslog
What is a Syslog Server?
A centralized location where logged events, such as errors, failures, maintenance tasks, and users logging in or out, are collected into a database.
A server that verifies user identities, controls access to network resources based on predefined policies, and logs user activities for auditing purposes.
AAA (Authentication, Authorization, and Accounting) Server
A server that translates domain names (e.g., www.example.com) into IP addresses and vice versa. It helps clients locate resources on the internet by resolving human-readable domain names to numerical IP addresses.
DNS (Domain Name System) Server
A server that dynamically assigns IP addresses, subnet masks, default gateways, DNS server addresses, and other network configuration parameters to client devices on a network. It simplifies network administration by automating IP address management.
DHCP (Dynamic Host Configuration Protocol) Server
A server that hosts shared folders and files accessible to network users. It allows multiple users to access and share files and folders over a network, facilitating collaboration and data sharing.
File Share Server
A server that handles the sending, receiving, and storage of email messages. It routes email messages between senders and recipients, stores email messages in user mailboxes, and provides access to email messages using email clients such as Microsoft Outlook or webmail interfaces.
Mail Server
A server that manages printers and print queues on a network. It allows users to send print jobs to network printers, monitors printer status and availability, and ensures efficient printing across the network.
Print Server
A server that collects, stores, and analyzes log messages generated by network devices, servers, and applications. It helps administrators monitor system events, troubleshoot issues, detect security incidents, and comply with regulatory requirements by centralizing log management.
Syslog Server
A server that hosts websites and web applications accessible over the internet or an intranet. It serves web pages in response to client requests, executes web applications, and handles communication between web clients (browsers) and web servers using HTTP or HTTPS protocols.
Web Server
File Transfer Protocol (FTP) and Server
An Application layer protocol used to transfer files between client and server on a network.
- Port 20. The FTP client receives data from the FTP server. (TCP)
- Port 21. The FTP server listens at port 21 for commands from an FTP client(TCP)
Telnet Server and Protocol
- Used by an administrator or othe ruser to cocntrol a computer remotely
- Telnet is not secure
- Server listens at port 23
- Uses TCP
Secure Shell (SSH) Server and Protocol
- Encrypts communication so hackers cant read the data if they intercept a transmission.
- Uses port 22
- Uses TCP
_____ protocol is used in various situations for encryption, such as when remotely controlling a computer or when communicating with a web server.
SSH
___ is commonly used in Linux to pass sign-in information to a remote computer and control that computer over a network.
SSH
Remote Desktop Protocol (RDP)
- Used by the Windows Remote Desktop and Remote Assistance utilities to connect to and control a remote computer.
- Both of these servers listens on port 3389
- Both TCP and UDP
Simple Network Management Protocol (SNMP)
A versatile service and protocol used to monitor network traffic and manage network devices.
● Port 161. The SNMP agent on the monitored device listens at port 161.
● Port 162. The SNMP server or manager listens at port 162.
In SNMP, the device or system that collects and manages information from network devices is referred to as the SNMP manager or SNMP server. Meanwhile, each network device that is monitored or managed using SNMP has a software component called an ____ that gathers information about the device’s status and performance and makes it available to the SNMP manager for monitoring and management purposes.
SNMP agent
SNMP Agent port and protocol
listens at port 161 uses UDP
SNMP Manager port and protocol
listens at port 162 and UDP
TCP uses ____ to establish a connection between a sending and destination host
IP addresses
Why is TCP considered a connection-oriented protocol?
Because it establishes a connection between the sender and receiver BEFORE transferring data. This connection ensures that data is reliably transmitted between the two hosts, with mechanisms in place to acknowledge receipt of data and handle any errors or lost packets. If necessary, data is resent.
What are some applications used by TCP?
web browsers (HTTP and HTTPS protocols)
email (SMTP, POP3, and IMAP
protocols)
FTP file transfer apps (using FTP
protocol)
SSH apps used to make secure
connections to a server (using SSH protocol).
An easy way to know what apps/protocols is ____ ?
TCP Guarentees delivery so if the app/protocol requires gauarenteed delivery then it uses TCP.
For example, sending an email requires guaranteed delivery.
TCP typically uses a ____ handshake to establish a reliable CONNECTION between the sender and receiver. Name the steps.
- three-way handshake
- SYN (Synchronize): The client sends a SYN segment to the server, indicating its desire to establish a connection and specifying an initial sequence number.
- SYN-ACK (Synchronize-Acknowledge): The server responds with a SYN-ACK segment, acknowledging the client’s request and also indicating its own desire to establish a connection. The SYN-ACK segment contains an acknowledgment number and an initial sequence number.
- ACK (Acknowledge): Finally, the client sends an ACK segment to the server, acknowledging receipt of the server’s SYN-ACK segment and completing the connection establishment process. This segment may also contain data, depending on the application requirements.
When TCP message reaches its destination, how does the source know it has been received?
An ACK is sent back to then source, thus guaranteed delivery.
What Protocol is used when guaranteed is not important but speed is?
UDP (User Datagram Protocol)
Why is UDP called a connection-less (best-effort) protocol?
Because it does not establish a dedicated connection between the sender and receiver before transmitting data. Unlike TCP, which uses a three-way handshake to establish a connection, UDP simply sends datagrams (packets of data) without prior negotiation. As a result, UDP does not guarantee delivery or ensure the order of delivery, making it faster and more lightweight but less reliable than TCP for certain applications.
What are some examples of UDP?
● Broadcasting, such as streaming live video or sound over the web. (TCP, however, is preferred for video on demand where quality is an issue such as Netflix.)
● Monitoring network traffic. The SNMP agent and manager use UDP.
● Completing simple file transfers. Trivial FTP (TFTP)
● Communicating between DHCP clients and servers. DHCP uses UDP rather than TCP primarily because DHCP clients and servers use broadcasting to communicate on a local network; UDP supports broadcasting, but TCP does not.
Trivial File Transfer Protocol (TFTP)
- A small, simple app often used to transfer BIOS updates to firmware on routers and smartphones.
- It’s also used to transfer a lean pre-execution environment (PXE) operating system from a server to BIOS/UEFI on a computer to boot the computer when it does not have a working OS.
- Uses UDP
In an IPv4 address, each of the four numbers separated by periods is called an _____ and can be any decimal value from _____ to _____, making a total of 4.3 billion possible IPv4 addresses (256x256x256x256).
Octet (for 8 bits)
0 to 255 (total value including 0, 256)
What TCP/IP information is needed for a host to communicate on a network?
- Its own IP Address, such as 192.168.100.4 (92.168.100 identifies the network, .4 identifies the host)
- A subnet mask: Helps the host determine whether a destination IP address is on the same local network or a different network, facilitating routing decisions.
- Default Gateway: The default gateway is the IP address of the router or gateway device that serves as the entry point to other networks or the Internet. It is used when the host needs to communicate with devices on remote networks.
- IP addresses of one or more DNS servers. It queries a DNS server to find out the IP address of the destination host when it knows only the domain name of the host.
How does a computer or other network device know what part of an IP address identifies the network and what part identifies the host?
- The Subnet Mask
- For example
Subnet Mask: 255.255.255.0
IP Address: 192.168.100.4
Network ID: 192.168.100
Host: .4
Name the steps to view TCP/IP settings in Windows 10
- Right-click Start and click “Network Connections.” In the Status window, click Change adapter options.
- In the Network Connections window, you can see all your connections. Right-click your current connection, and click “Properties”
- In the Properties dialog box, select “Internet Protocol Version 4” (TCP/IPv4) and click “Properties.” Typically, the host automatically configured to request the IP, Subnet, & Default Gateway from the DHCP server.
- To find out what values have been assigned to this computer, enter cmd in the Windows search box. The Command Prompt window opens. In the window, enter the following: “ipconfig /all”
When a computer on a network wants to send a message through TCP/IP to another computer, how does it know if the receiving computer is on the same network or on a different network?
- The sending computer looks at its own IP address along with its subnet mask to determine its network portion (beginning portion of IP).
- The sending computer examines the destination IP address of the message
- The sending computer compares its own network portion with the network portion extracted from the destination IP address.
- If the network portions match, it means the destination computer is on the same network. If not, its on a different network and message is sent to the DEFAULT GATEWAY.
IP Address: 192.268.1.168
Subnet Mask: 255.255.255.0
What is the Network ID and Host?
192.268.1.168
Network ID: 192.168.1
Host: .168
This IP Address 19.200.60.6 in binary is 00010011.11001000.00111100.00000110.
The Subnet Mask 255.255.240.0 in binary is
11111111.11111111.11110000.00000000.
How many bits are used to identify the network?
There are 20 ones in the subnet mask. Therefore, 20 bits identify the network.
Are both IP addresses on the same network or different networks?
Sender - IP Address 19.200.60.6 in binary is 00010011.11001000.00111100.00000110.
Sender - Subnet Mask 255.255.240.0 in binary is
11111111.11111111.11110000.00000000.
Receiver - IP Address 19.200.51.100 in
binary is
00010011.11001000.00110011.01100100
Compare the first 20 bits in the two IP addresses
(00010011.11001000.0011) 1100.00000110
(00010011.11001000.0011) 0011.01100100.
Yes, they match so they are on the same network.
If an IP address and subnet mask is written like 15.50.212.59/20, what does it mean and what is it called?
- It means the /20 notation is the first 20 bits in the IP address to identify the network.
- It is called slash notation or CIDR notation.
What is it called when an IP address is available for use on the internet and what is it when it is not allowed for use on the internet?
Public IP addresses are for use on the internet and Private IP address are for private networks.
List the private network IP address ranges that are reserved for use within private networks and are not routable over the public internet and what are they for?
- Class A: 10.0.0.0 to 10.255.255.255
(Subnet mask: 255.0.0.0) - Class B: 172.16.0.0 to 172.31.255.255 (Subnet mask: 255.240.0.0)
- Class C: 192.168.0.0 to 192.168.255.255 (Subnet mask: 255.255.0.0)
These addresses are used for internal communication within a network and are not globally unique.
If a computer first connects to a network that is using dynamic IP addressing and is unable to lease an IP address from the DHCP server, it generates its own _______.
Automatic Private IP Address (APIPA)
The APIPA range for IPv4 is ______.
169.254.0.1 to 169.254.255.254
(with subnet mask 255.255.0.0)
What is NAT (Network Address Translation)?
- A technique designed to conserve the number of public IP addresses needed by a network by sharing a single public IP address (typically attached to the router).
- Nat is also good for security since all devices connected to the local network will be given private IP addresses hidden behind the public IP address.
______ is responsible for keeping track of assigned IP addresses
Internet Assigned Numbers authority (IANA)
What is used to identify an interface on the IPv6 local network?
The last 64 bits or four blocks of the IPv6 address, also called the interface ID.
______ are nodes on the same network.
Neighbors
What is Multicasting?
- Multicasting is used to deliver messages to all nodes in a targeted, multicast group, who have expressed interest in receiving the data,
- Example: Streaming media, online gaming, and video conferencing from a server to multiple nodes on a network
What is Anycast?
Anycasting is used by routers and can identify multiple destinations but a message is delivered only to the closest destination
What is Unicast?
Unicasting is used to send messages to a single node on a network.
What are the three types of IPv6 unicast addresses?
Three types of IPv6 unicast addresses
are link local addresses, unique local addresses, and global addresses
What is a Link Local Address (local unicast address or local network)?
- Used for limited communication with neighboring nodes in the same link or local network.
- Similar to the IPv4 APIPA addresses in that they are assigned to the computer by itself, as opposed to the DHCPv6 server, and are not guaranteed to be unique on the network.
- They are not allowed on the internet or outside of their private network.
IPv6 Link Local Addresses prefix notation begins with ______.
FE80::/64
How do you indentify the interface in a list of interfaces for an IPv6 address? What is it in this example? fe80::8944:aa76:727f:4af8%4
The zone ID or scope ID
%4 - Its the IP followed by a % sign and a number.
What is a Unique Local Address (ULA)?
A private address assigned by a DHCPv6 server, similar to the private IPv4 addresses, that can communicate across subnets within the private network.
A Unique Local Address always begins with ____ and is usually assigned to an interface in addition to its self-assigned link local address.
FC or FD
Which IPv6 address can be routed on the Internet?
Global Address
What is Global Address (Global Unicast Address)?
- An IP Address that can be rounted on the Internet, similar to the IPv4 addresses.
- These addresses are assigned to devices and services that need to communicate with other devices and services across the Internet.
The Global Routing Prefix is the first ____ of the IPv6 address and these ___ of the global adddress are assigned to a customer by the ISP.
48 bits
